ops/infra-shared
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
infra-shared/.gitea/workflows/ci.yaml

98 lines
2.6 KiB
YAML
Raw Permalink Blame History

name: gitea pipeline build
run-name: ${{ github.actor }} started maven build on ${{ github.ref_name }}
on:
workflow_call:
inputs:
git_repository:
required: true
type: string
java_version:
required: false
type: string
default: '25'
java_distribution:
required: false
type: string
default: "liberica"
maven_version:
required: false
type: string
default: 3.9.14
sonar_host:
required: true
type: string
dtrack_host_name:
required: false
type: string
default: 'dtrack.muehlencord.de'
dtrack_protocol:
required: false
type: string
default: "https"
dtrack_port:
required: false
type: string
default: "443"
dtrack_bom_file:
required: true
type: string
dtrack_project_uuid:
required: true
type: string
secrets:
SSH_PRIVATE_KEY:
required: true
SONAR_TOKEN:
required: true
DTRACK_API_KEY:
required: true
jobs:
build:
name: Gitea pipeline build
runs-on: ubuntu-latest
steps:
- name: Prepare SSH
run: |
install -m 600 -D /dev/null ~/.ssh/id_rsa
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
ssh-keyscan -H git.muehlencord.de >> ~/.ssh/known_hosts
- name: Clone repository
run: |
git clone ${{ inputs.git_repository }} source
cd source
git checkout ${{ github.ref_name }}
- name: Set up JDK ${{ inputs.java_version }}
uses: https://github.com/actions/setup-java@v5
with:
distribution: ${{ inputs.java_distribution }}
java-version: ${{ inputs.java_version }}
cache: 'maven'
- name: Set up Maven ${{ inputs.maven_version }}
uses: stCarolas/setup-maven@v5
with:
maven-version: ${{ inputs.maven_version }}
- name: Build with Maven
working-directory: source
run: mvn -B jacoco:prepare-agent verify sonar:sonar org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom -Dsonar.host.url="${{ inputs.sonar_host }}" -Dsonar.token="${{ secrets.SONAR_TOKEN }}"
- name: Upload SBOM to DTrack
uses: DependencyTrack/gh-upload-sbom@v3
with:
serverHostname: ${{ inputs.dtrack_host_name }}
protocol: ${{ inputs.dtrack_protocol }}
port: ${{ inputs.dtrack_port }}
apiKey: ${{ secrets.DTRACK_API_KEY }}
project: ${{ inputs.dtrack_project_uuid }}
bomFilename: ${{ inputs.dtrack_bom_file }}
Reference in New Issue View Git Blame Copy Permalink